Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/8aq2QHkW0HiZsCxCW_mKP7zcs9U.roa
File: 8aq2QHkW0HiZsCxCW_mKP7zcs9U.roa (raw, json)
Hash identifier: o9Go6g0pSDVuVxv2ena1xCIqOtjepRU9CrItV5Jf+NU=
Subject key identifier: F1:AA:B6:40:79:16:D0:78:99:B0:2C:42:5B:F9:8A:3F:BC:DC:B3:D5
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018D414DC2DF37AB25EDC825A600AAD39129
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/8aq2QHkW0HiZsCxCW_mKP7zcs9U.roa
Signing time: Thu 25 Jan 2024 15:47:11 +0000
ROA not before: Thu 25 Jan 2024 15:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:300b::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
2a03:32c0:3011::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 26 Jan 2024 04:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:4d:c2:df:37:ab:25:ed:c8:25:a6:00:aa:d3:91:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 25 15:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1aab6407916d07899b02c425bf98a3fbcdcb3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:69:e1:8f:0b:2d:40:db:02:4d:a7:43:07:91:
e7:6b:d5:4d:b2:5d:f4:3c:ba:23:e7:40:2e:6e:72:
ce:1f:03:b4:53:d4:2c:0d:f9:b9:70:17:7e:e6:30:
4d:b1:81:55:3a:2e:96:f3:74:9d:bc:3b:ab:2a:8f:
ac:f7:3a:db:ff:7d:8d:d0:f4:8c:fe:36:60:8d:e9:
bf:df:0e:5a:02:f3:64:2c:c2:ac:b9:6b:d4:fb:0b:
e0:b2:56:0b:93:7c:0e:1b:0c:45:d5:0a:9c:f0:c9:
43:43:8e:24:bc:5b:7a:01:82:a1:42:5a:f4:e1:b8:
f7:5b:0d:20:45:bd:ae:54:aa:d2:3e:c3:6b:46:eb:
1a:28:68:9c:27:ea:8c:09:29:43:f2:b9:fd:fc:14:
0e:9f:e2:ff:aa:fd:e6:17:41:3b:38:63:19:7b:44:
21:4c:fd:d4:6b:90:f1:d5:38:9c:b0:e8:dc:51:49:
99:39:c0:ee:36:19:07:a7:b4:70:25:46:8e:30:e3:
f9:7b:42:b7:24:f0:c6:65:c9:f5:20:5c:a1:51:66:
1f:a1:28:71:50:e8:3c:5f:63:9d:b8:89:15:e0:3f:
6b:96:67:7f:5b:bf:94:d7:38:48:11:84:64:cd:89:
ac:83:2b:3f:53:91:79:87:b1:89:1c:b9:39:2d:73:
1a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:AA:B6:40:79:16:D0:78:99:B0:2C:42:5B:F9:8A:3F:BC:DC:B3:D5
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/8aq2QHkW0HiZsCxCW_mKP7zcs9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300b::/48
2a03:32c0:300e::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4b:39:55:af:6d:79:8e:fa:1b:b1:3a:1a:7b:5a:ee:36:29:e8:
14:73:dc:0c:af:3b:41:a6:ea:24:e7:98:b5:17:7b:5f:d4:12:
60:64:f6:6e:09:16:75:9f:be:4e:00:3b:d8:e7:c8:77:4c:92:
60:86:ce:a7:c2:5c:b8:81:e2:f6:46:94:81:69:ca:0a:71:28:
42:6c:b7:ea:7e:9b:cd:68:e2:2e:46:ec:9c:3b:5e:1c:a4:84:
38:50:cc:59:d8:38:5f:4d:7b:e5:b4:15:6c:50:57:42:58:af:
82:fb:0f:66:c5:7a:79:6b:00:ea:a0:da:2a:16:ad:15:fa:29:
ad:b9:20:be:0d:f8:ff:e8:67:44:26:7c:20:24:80:2e:af:6c:
7c:1e:8a:dc:22:c3:ee:04:99:51:e6:66:cc:f3:14:5d:c0:70:
68:98:21:be:4a:b3:17:ec:d0:86:d8:61:dd:7d:c2:d2:5f:22:
03:80:a2:50:7e:c5:2d:7c:bc:94:4b:64:52:c6:ba:3e:da:11:
8d:c7:bc:f9:fd:1e:14:a8:d1:9a:1c:3d:06:33:21:6f:dc:3a:
93:fc:a0:4b:a2:5a:d7:f9:c5:5a:d2:44:d1:e0:5d:b6:0d:3c:
24:43:43:b5:7a:2f:b5:a1:5a:8f:50:b8:1b:6c:36:af:99:7d:
b0:4d:19:df
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY1BTcLfN6sl7cglpgCq05EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTI1MTU0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWFhYjY0MDc5MTZkMDc4OTliMDJjNDI1YmY5OGEzZmJjZGNiM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmnhjwstQNsCTadDB5Hna9VNsl30
PLoj50AubnLOHwO0U9QsDfm5cBd+5jBNsYFVOi6W83SdvDurKo+s9zrb/32N0PSM
/jZgjem/3w5aAvNkLMKsuWvU+wvgslYLk3wOGwxF1Qqc8MlDQ44kvFt6AYKhQlr0
4bj3Ww0gRb2uVKrSPsNrRusaKGicJ+qMCSlD8rn9/BQOn+L/qv3mF0E7OGMZe0Qh
TP3Ua5Dx1TicsOjcUUmZOcDuNhkHp7RwJUaOMOP5e0K3JPDGZcn1IFyhUWYfoShx
UOg8X2OduIkV4D9rlmd/W7+U1zhIEYRkzYmsgys/U5F5h7GJHLk5LXMaPQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFPGqtkB5FtB4mbAsQlv5ij+83LPVMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvOGFxMlFIa1cwSGlac0N4Q1dfbUtQN3pjczlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzA0BAIAATAuAwQFVXVg
AwQCuTlIAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBLBAIAAjBF
MBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMHACoDMsAw
CzASAwcBKgMywDAOAwcBKgMywDAQMA0GCSqGSIb3DQEBCwUAA4IBAQBLOVWvbXmO
+huxOhp7Wu42KegUc9wMrztBpuok55i1F3tf1BJgZPZuCRZ1n75OADvY58h3TJJg
hs6nwly4geL2RpSBacoKcShCbLfqfpvNaOIuRuycO14cpIQ4UMxZ2DhfTXvltBVs
UFdCWK+C+w9mxXp5awDqoNoqFq0V+imtuSC+Dfj/6GdEJnwgJIAur2x8HorcIsPu
BJlR5mbM8xRdwHBomCG+SrMX7NCG2GHdfcLSXyIDgKJQfsUtfLyUS2RSxro+2hGN
x7z5/R4UqNGaHD0GMyFv3DqT/KBLolrX+cVa0kTR4F22DTwkQ0O1ei+1oVqPULgb
bDavmX2wTRnf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org